1. INTRODUCTION AND GENERAL TERMS
1.1 TEOOH Limited, a company registered in England under company number 11684661 and whose registered office is New Penderel House, 4th Floor, 283-288 High Holborn, London, United Kingdom, WC1V 7HP (“TEOOH”, “we”, “us” or “our” in this policy), operates the website www.teooh.com and a platform for hosting virtual events made available through the Teooh Client which you can download from www.teooh.com (“Services”).
1.2 TEOOH is committed to protecting and respecting your privacy. This policy explains the basis on which personal information we collect from you will be processed by us. Where we decide the purpose or means for which Personal Data you supply through these Services is processed, we are the “data controller” for the purposes of the General Data Protection Regulation 2016/679.
1.3 This policy explains the following:
1.3.1 What information TEOOH may collect about you;
1.3.2 How TEOOH will use information we collect about you;
1.3.3 Whether TEOOH will disclose your details to anyone else; and
1.3.4 Your choices and rights regarding the personal information you have provided to us.
2. WHAT INFORMATION WILL TEOOH COLLECT ABOUT ME?
2.1 We collect and process the following information which may include your Personal Data.
Information provided by you when using our Services
You may give us information about you by filling in forms when setting up an account with us, using our Services, signing up to our newsletter or contacting us with enquiries. Such information may include:
1) Identity and log-in data: including your name, virtual avatar, e-mail address, and password;
2) Transaction data: where you host or attend a paid virtual event or buy a virtual item., we will keep information related to your purchase (see the section on Payment Information below);
3) Event data: This is information related to the virtual events you host or attend, including audio and visual recordings of those events, actions you take, and copies of chat logs between you and other users;
4) Business client data. If you contact us about our Services on behalf of your organisation, we may hold your name as the contact point for the organisation, your email address, and the organisation's name and address; and
5) Your enquiry. If you contact us about our Services, we may keep the content of such enquiry. You are under no obligation to provide us with any details, but if you don’t provide all relevant information, we may not be able to help
When you pay for our Services, we use the following third party payment systems, which transact all our payments. We have no access to your card payment information. See their websites to find out more about the way they collect and process this information:
- Stripe (https://stripe.com/gb/privacy)
How you use our Website (Analytics)
Any user activity on our websites is tracked using a third party analytics provider called Google Analytics. Such information includes:
- number of visitors to our website
- pages visited while at the website and time spent per page
- page interaction information, such as scrolling, clicks and browsing methods
- websites where visitors have come from and where they go afterwards
- page response times and any download errors
- other technical information relating to end user device, such as IP address or browser plug-in
You can always choose to enable or disable cookies in your internet browser. By default, most internet browsers accept cookies but this can be changed. For further details, please consult the help menu in your internet browser. For further information about cookies, please see: www.allaboutcookies.org, and how to adjust your browser settings here: www.allaboutcookies.org/managecookies.
If you would like to opt-out of Google Analytics monitoring your behavior on our Website please use this link: (https://tools.google.com/dlpage/gaoptout/).
3. DATA SHARING
3.2 We may disclose your name and email address to the organiser of the virtual event for which you have registered. This is so that the event organiser can contact you with information about the virtual event. Where you have provided your consent, the event organiser may also contact you with marketing materials.
3.3 In addition, we may disclose your information to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).
4. HOW WE WILL USE INFORMATION WE COLLECT ABOUT YOU
Providing the Services to you as a prospective or existing Client or User
We may use and retain your personal data where we need to perform the contract we are about to enter into or have entered into with you, such as to:
- register you as a new user; and
- deliver our Services to you or you or your organisation and ensure that the Services function properly and deliver the features promised.
We may also use and retain the personal data you provide to us when requesting our Services, to pursue our legitimate interest of providing our Services to you, such as to:
- respond to your enquiries;
- analyse and improve our Services; and
- provide you with information and updates about the Services we offer.
Prevention of Harassment, Fraud and other Unacceptable Activity
We may process your information for the legitimate interests of ensuring that use of our Services is in line with our EULA, lawful and non-fraudulent, does not disrupt the operation of our Services, does not harass our staff or other individuals, and to enforce our legal rights and comply with our legal obligations, including compliance with anti-money laundering regulations (if and where applicable).
Where we suspect that you have breached our EULA, we may investigate and keep a record of such investigation and its conclusion. Where such investigation concludes in a ban from our Services, we will keep details of such ban to ensure that it can be enforced.
We process information for the legitimate interest of complying with HMRC requirements by retaining records of customer purchases and transactions.
Where we reasonably believe that you are or may be in breach of any of the applicable laws, we may use your personal information to inform relevant third parties such as the community owner, your email/internet provider or law enforcement agencies about the content.
We use various forms of marketing to provide you with promotional materials about our Services.
If you ask to be added to our mailing list, we will keep you updated with our news by email unless you would like to be removed from that list (in which case please let us know by clicking unsubscribe at the bottom of any marketing email that you receive).
In line with the legitimate interest we have in promoting our business, we will use the email address you gave us via our website to provide you with this information.
There may also be circumstances where we will ask you for your explicit consent in respect of our use of your data in which case you will be notified at the time and can withdraw your consent at any time.
To understand how our Services are used
We use Google Analytics to understand how visitors use our website and to compile reports on website activity. We use the information to compile reports and to help us improve the website.
This processing is necessary for us to pursue our legitimate interest in improving our website, and providing a more relevant service to our customers. This information is not used to develop a personal profile of you.
5. YOUR RIGHTS IN RELATION TO PERSONAL DATA WHICH WE PROCESS RELATING TO YOU
5.1 You have the following rights over the way we process personal data relating to you. We aim to comply without undue delay in response to any requests by you:
5.1.1 for a copy of data we are processing about you and have inaccuracies corrected;
5.1.2 to ask us to restrict, stop processing or to delete your personal data;
5.1.3 for a machine-readable copy of your personal data, which you can use with another service provider. Where it is technically feasible, you can ask us to send this information directly to another provider if you prefer; and
5.1.4 to make a complaint to a data protection regulator.
5.2 Please send your requests to firstname.lastname@example.org.
6. DATA RETENTION
6.2 To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
6.3 Where we have banned a user from our Services due to their breach of our EULA, we keep information to enforce such ban. This information is held by us indefinitely, consistent with our legitimate interest and reviewed periodically.
6.4 In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
We do not knowingly solicit data from or market to children under the age of 18. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at email@example.com. We will delete such information from our files within a reasonable time.
8.1 We will take all reasonable technical and organisational precautions to prevent the loss misuse or alteration of your personal information.
8.2 Please be aware that, although we endeavor to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
We will notify you of any changes to this policy by email, notice on the website or account message.
10. INTERNATIONAL DATA TRANSFERS
Where we transfer your data outside of the EEA in respect of the transfer to the above affiliates, we have agreements in place with those parties which include standard data protection clauses adopted by a data protection regulator and approved by the European Commission to ensure that appropriate safeguards are in place to protect your Personal Data. If you would like to find out more about these safeguards, please let us know by writing to firstname.lastname@example.org.